Audit History
api-design-framework - 6 audits
Audit version 6
Latest Low RiskJun 28, 2026, 10:33 AM
Static analysis reported many high-risk patterns, but review found they are documentation examples, API route snippets, schema fields, and placeholder service URLs. No executable scripts, command execution, credential exfiltration, prompt injection, or malicious intent were found. The remaining low risk is that example URLs and auth placeholders must be customized before production use.
Low Risk Issues (3)
Audit version 5
SafeJan 16, 2026, 04:19 PM
Pure documentation skill containing only Markdown guidance and YAML templates for API design. No executable code, no file system access beyond its own directory, no network calls, no code execution capabilities. All 300 static findings are false positives caused by the scanner misidentifying documentation patterns as security issues.
Risk Factors
⚙️ External commands (97)
🌐 Network access (14)
Audit version 4
SafeJan 16, 2026, 04:19 PM
Pure documentation skill containing only Markdown guidance and YAML templates for API design. No executable code, no file system access beyond its own directory, no network calls, no code execution capabilities. All 300 static findings are false positives caused by the scanner misidentifying documentation patterns as security issues.
Risk Factors
⚙️ External commands (97)
🌐 Network access (14)
Audit version 3
SafeJan 10, 2026, 10:27 AM
Pure documentation skill containing only Markdown guidance and YAML templates for API design. No executable code, no file system access beyond its own directory, no network calls, no code execution capabilities. This is a prompt-based knowledge module with zero attack surface.
Audit version 2
SafeJan 10, 2026, 10:27 AM
Pure documentation skill containing only Markdown guidance and YAML templates for API design. No executable code, no file system access beyond its own directory, no network calls, no code execution capabilities. This is a prompt-based knowledge module with zero attack surface.
Audit version 1
SafeJan 10, 2026, 10:27 AM
Pure documentation skill containing only Markdown guidance and YAML templates for API design. No executable code, no file system access beyond its own directory, no network calls, no code execution capabilities. This is a prompt-based knowledge module with zero attack surface.